import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.openecomp.policy.pdp.rest.restAuth.AuthenticationService;
+import org.openecomp.policy.pdp.rest.config.PDPApiAuth;
/**
* Servlet Filter implementation class PDPAuthenticationFilter
public class PDPAuthenticationFilter implements Filter {
public static final String AUTHENTICATION_HEADER = "Authorization";
+ public static final String ENVIRONMENT_HEADER = "Environment";
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filter) throws IOException, ServletException {
if (request instanceof HttpServletRequest) {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
+ String environment = httpServletRequest.getHeader(ENVIRONMENT_HEADER);
String authCredentials = httpServletRequest.getHeader(AUTHENTICATION_HEADER);
String path = ((HttpServletRequest) request).getRequestURI();
// better injected
boolean authenticationStatus = authenticationService.authenticate(authCredentials);
if (authenticationStatus) {
- filter.doFilter(request, response);
- } else if(path.contains("notifications")){
+ if (check(path)) {
+ // New API request.
+ path = path.substring(path.substring(1).indexOf("/") + 1);
+ if (environment == null) {
+ // Allow Old clients.
+ if(!path.contains("/api/")){
+ request.getRequestDispatcher("/api/" + path).forward(request,response);
+ }else{
+ request.getRequestDispatcher(path).forward(request,response);
+ }
+ } else if (environment.equalsIgnoreCase(PDPApiAuth.getEnvironment())) {
+ // Validated new Clients.
+ if(!path.contains("/api/")){
+ request.getRequestDispatcher("/api/" + path).forward(request,response);
+ }else{
+ request.getRequestDispatcher(path).forward(request,response);
+ }
+ } else if(response instanceof HttpServletResponse) {
+ HttpServletResponse httpServletResponse = (HttpServletResponse) response;
+ httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ }
+ } else {
+ filter.doFilter(request, response);
+ }
+ } else if (path.contains("swagger") || path.contains("api-docs")
+ || path.contains("configuration") || path.contains("count")) {
+ path = path.substring(path.substring(1).indexOf("/") + 2);
+ request.getRequestDispatcher("/api/" + path).forward(request,response);
+ } else if(path.contains("notifications")){
filter.doFilter(request, response);
} else {
if (response instanceof HttpServletResponse) {
}
}
}
+
+ private boolean check(String path) {
+ if(path.endsWith("/pdp/")|| path.endsWith("/pdp")|| path.endsWith("/test")){
+ return false;
+ }else{
+ return true;
+ }
+ }
@Override
public void destroy() {
+ // Do nothing.
}
@Override
public void init(FilterConfig arg0) throws ServletException {
+ // Do nothing.
}
}
Code Review / policy / engine.git / blobdiff